Claudio Caimi, Fabio Martinelli, Mirko Manea, Marinella Petrocchi, Francesco Di Cerbo, Jose F. Ruiz, Paolo Mori
Sharing data through the cloud securely and privately is a major concern in today’s digital economy. The recent approval of the new European General Data Protection Regulation (GDPR) strengthens the data protection needs of individuals and the necessity of data-centric approaches to information security. Confidential and Compliant Clouds (Coco Cloud) is an EU FP7 project whose goal is to offer a data protection platform for information sharing between individuals and organisations or between organisations, including the sharing of personal or sensitive data, in accordance with applicable laws, vertical-market regulations, and end-user privacy preferences.

Coco Cloud is being piloted in three different domains: a public administration that needs to exchange citizen documents with other public offices; a hospital that needs to regulate the secure sharing of radiological examinations and studies with patients, between doctors, and between hospitals; and an enterprise whose employees have to exchange sensitive business documents.

Coco Cloud envisions control over the disseminated data (both in the Cloud and on premises) based on mutually agreed electronic Data Sharing Agreements (DSAs) that are uniformly enforced end-to-end. These agreements can reflect legal and contractual policies or user-defined preferences. Simply put, a DSA specifies the rules applied when accessing or using the data it is linked to. The project is creating an efficient and flexible framework for secure data management from the client to the cloud, and vice versa. We pursue this objective by addressing three dimensions:

i. the writing, understanding, analysis, management, enforcement and dissolution of data sharing agreements, from high-level descriptions (close to natural language) to system-enforceable data usage policies;

ii. the development of a uniform enforcement infrastructure that seamlessly enforces data sharing agreements from the Cloud to the client (e.g., mobile devices) and back;

iii. a “compliance by design” approach to the key challenges of legally compliant data sharing in the cloud, placing an early emphasis on understanding and incorporating legal and regulatory requirements into the data sharing agreements.

A DSA system handles the DSA lifecycle and provides the following core tools:

• DSA Authoring Tool is in charge of creating and managing DSAs in a user-friendly manner via web technologies. It provides an easy interface for expressing rules in a language called Controlled Natural Language for DSA (more concisely, CNL), which is based on domain-specific dictionaries (e.g., an ontology for the healthcare use case) and resembles common English.

• DSA Analyzer and Conflict Solver analyze the rules in a DSA and solve potential conflicts. A conflict exists when two policies simultaneously allow and deny an access request under the same contextual conditions. When a conflict is revealed, the Conflict Solver prioritizes the rules to be enforced.

• DSA Mapper translates the DSA policies from CNL into an enforceable XACML-based language. The outcome of this tool is an enforceable policy, which is evaluated at each request to access and/or use the target data.
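The two steps just described, detecting rules that allow and deny the same request under the same conditions and then prioritizing them so that every request gets a single decision, can be illustrated with a small rule model. The following is an added example, not code from the Coco Cloud project: the rule shape (an attribute-to-values target), the resolution strategy (explicit priority first, deny before permit on ties) and the sample healthcare rules R1 to R3 are all assumptions made for the illustration.

```python
"""Conflict detection, priority-based resolution and per-request evaluation
for mapped access rules. Added illustration, not Coco Cloud project code."""
from dataclasses import dataclass
from itertools import combinations
from typing import Dict, FrozenSet, List, Optional, Tuple

# A rule's target maps an attribute name to the set of values it accepts.
# An attribute absent from the target is unconstrained ("any value").
Target = Dict[str, FrozenSet[str]]


@dataclass(frozen=True)
class Rule:
    rule_id: str
    effect: str          # "permit" or "deny"
    target: Target
    priority: int = 0    # explicit priority, e.g. assigned by a conflict solver


def overlap(a: Target, b: Target) -> bool:
    """True when at least one request can satisfy both targets at once."""
    for attr in set(a) & set(b):
        if not (a[attr] & b[attr]):
            return False   # disjoint value sets: no request matches both
    return True


def find_conflicts(rules: List[Rule]) -> List[Tuple[str, str]]:
    """Pairs of rules with opposite effects whose targets overlap, i.e. rules
    that would allow and deny the same request under the same conditions."""
    return [(r1.rule_id, r2.rule_id)
            for r1, r2 in combinations(rules, 2)
            if r1.effect != r2.effect and overlap(r1.target, r2.target)]


def prioritize(rules: List[Rule]) -> List[Rule]:
    """Assumed resolution strategy: higher explicit priority wins; on ties a
    deny rule precedes a permit rule (deny-overrides); rule id breaks ties."""
    return sorted(rules, key=lambda r: (-r.priority, r.effect != "deny", r.rule_id))


def applies(rule: Rule, request: Dict[str, str]) -> bool:
    """A rule applies only if every constrained attribute is present in the
    request with an accepted value; a missing attribute makes it inapplicable."""
    return all(request.get(attr) in allowed for attr, allowed in rule.target.items())


def evaluate(ordered: List[Rule], request: Dict[str, str]) -> Tuple[str, Optional[str]]:
    """Evaluated at each access request: the first applicable rule in priority
    order decides; with no applicable rule the default is deny."""
    for rule in ordered:
        if applies(rule, request):
            return rule.effect, rule.rule_id
    return "deny", None


# Constructed sample rules for the healthcare pilot (not taken from a real DSA).
RULES = [
    Rule("R1", "permit", {"role": frozenset({"doctor"}), "action": frozenset({"read"}),
                          "resource": frozenset({"radiology_study"}),
                          "purpose": frozenset({"treatment"})}),
    Rule("R2", "deny",   {"role": frozenset({"doctor"}), "action": frozenset({"read"}),
                          "resource": frozenset({"radiology_study"}),
                          "location": frozenset({"outside_hospital"})}),
    Rule("R3", "permit", {"role": frozenset({"patient"}), "action": frozenset({"read"}),
                          "resource": frozenset({"radiology_study"})}),
]

if __name__ == "__main__":
    print("conflicts:", find_conflicts(RULES))            # [('R1', 'R2')]
    ordered = prioritize(RULES)
    print("enforcement order:", [r.rule_id for r in ordered])   # ['R2', 'R1', 'R3']
    request = {"role": "doctor", "action": "read", "resource": "radiology_study",
               "purpose": "treatment", "location": "inside_hospital"}
    print(evaluate(ordered, request))                                      # ('permit', 'R1')
    print(evaluate(ordered, {**request, "location": "outside_hospital"}))  # ('deny', 'R2')
```

R1 and R2 are reported as a conflict because a doctor reading a radiology study for treatment while outside the hospital satisfies both; neither rule constrains the attribute the other one tests. Ordering deny before permit on equal priority is the same idea as XACML's deny-overrides combining algorithm, which is one of the standard options the mapped policy language offers; a real solver could instead let the DSA author assign explicit priorities, which the `priority` field accommodates.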

• DSA Lifecycle Manager orchestrates the usage of the DSA system components. It is the single entry point for accessing all the tools described above.

A Coco Cloud Engine system is then in charge of the runtime enforcement of the defined DSA. It provides the capabilities for creating protected objects and for accessing and using them, taking care of enforcing the rules prescribed in the associated DSA. In particular, it features the Coco Cloud API, a unified frontend to the Coco Cloud services, which enables the creation of Coco Cloud protected objects, i.e. encrypted digital containers storing the data along with its protection rules (sticky policy).

The Coco Cloud API is also the point used to request access to and usage of protected objects. The engine runs seamlessly in the Cloud or on mobile devices and provides different kinds of protection, such as access control and usage control (continuous authorization and obligations). The engine evaluates the DSA-mapped rules. The overall framework integrates with OpenStack (i.e., Swift) and provides supplemental services for managing identities, encryption and keys, platform integrity and auditing, all relying on open industry standards.
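Usage control differs from plain access control in that the decision is not taken once: the conditions in the sticky policy are re-evaluated while the data is in use, and obligations are triggered when use is granted, denied or revoked. The following added example (not Coco Cloud engine code) models a protected object whose policy travels with it, a usage session that re-checks the policy whenever a monitored attribute changes, and obligations recorded as audit entries. The policy shape, the event names `on_grant`, `on_deny` and `on_revoke`, and the sample study and context values are assumptions; the encryption of the container, which the real engine provides, is not modelled here.

```python
"""Usage-control session with continuous authorization and obligations for a
protected object carrying a sticky policy. Added illustration, not Coco Cloud
engine code; the container's encryption layer is not modelled."""
from dataclasses import dataclass, field
from typing import Dict, List, Set


@dataclass
class UsagePolicy:
    # Conditions that must hold for the entire duration of use (assumed shape).
    required: Dict[str, Set[str]]
    # Obligations the engine must fulfil on each lifecycle event (assumed names).
    obligations: Dict[str, List[str]] = field(default_factory=dict)

    def satisfied(self, context: Dict[str, str]) -> bool:
        return all(context.get(k) in v for k, v in self.required.items())


@dataclass
class ProtectedObject:
    object_id: str
    payload: bytes
    policy: UsagePolicy   # travels with the data: the sticky policy


class UsageSession:
    """One ongoing use of a protected object by one subject."""

    def __init__(self, obj: ProtectedObject, context: Dict[str, str], audit: List[str]):
        self.obj = obj
        self.context = dict(context)
        self.audit = audit          # shared audit trail written by obligations
        self.active = False
        self._try_access()

    def _fulfil(self, event: str) -> None:
        for obligation in self.obj.policy.obligations.get(event, []):
            self.audit.append(f"{self.obj.object_id}:{event}:{obligation}")

    def _try_access(self) -> bool:
        if self.obj.policy.satisfied(self.context):
            self.active = True
            self._fulfil("on_grant")
        else:
            self._fulfil("on_deny")
        return self.active

    def update_context(self, **changes: str) -> bool:
        """Called whenever a monitored attribute changes. Continuous
        authorization: the policy is re-evaluated and an active use is
        revoked as soon as it stops being satisfied."""
        self.context.update(changes)
        if self.active and not self.obj.policy.satisfied(self.context):
            self.active = False
            self._fulfil("on_revoke")
        return self.active

    def read(self) -> bytes:
        if not self.active:
            raise PermissionError(f"use of {self.obj.object_id} is not authorized")
        return self.obj.payload


# Constructed sample: a radiology study readable by a doctor only while on the
# hospital network from a compliant device (not a real Coco Cloud policy).
STUDY = ProtectedObject(
    object_id="study-42",
    payload=b"<dicom study bytes>",
    policy=UsagePolicy(
        required={"role": {"doctor"}, "network": {"hospital_lan"}, "device": {"compliant"}},
        obligations={"on_grant": ["log_access"],
                     "on_deny": ["log_denied_attempt"],
                     "on_revoke": ["log_revocation", "wipe_cached_copy"]},
    ),
)


def run_scenario() -> List[str]:
    """Doctor starts reading on the hospital LAN, then roams to public Wi-Fi."""
    audit: List[str] = []
    session = UsageSession(STUDY, {"role": "doctor", "network": "hospital_lan",
                                    "device": "compliant"}, audit)
    if session.read() == STUDY.payload:
        audit.append("read_ok")                       # granted while conditions hold
    still_active = session.update_context(network="public_wifi")
    audit.append(f"active_after_roaming={still_active}")
    return audit


if __name__ == "__main__":
    for line in run_scenario():
        print(line)
```

The point of the `wipe_cached_copy` obligation is that revocation must reach the client, not just the server: once the session is no longer active, `read()` refuses, and the obligation records that any locally cached copy has to be removed. On a mobile device the same session object would be driven by network and device-posture events rather than by the scripted `update_context` call.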

